Category: Footprinting

Footprinting is easily described as the preparation for actual hacking: collecting broad information about the target. The passive way is searching for the target on Google or in public records and news; the active way is gathering information by interacting with the target directly, such as making an inquiry to the help desk.

When you collect network information, such as domain names, internal domain names, IP addresses, or whether a security solution like an IDS or honeypot is running, you can set up your plan depending on what kind of network topology the target has.

When you collect system/host information, such as the operating system or user and group names, you can connect this information to find vulnerabilities or social engineering targets.

When you collect an organization's information, such as the company's history, employees or job openings, you can use it for social engineering, spamming, etc.

1. Google Advanced Search: Google's web crawler returns lots of results when you search for something, and if you use advanced search operators by typing keywords such as cache:, link:, site:, etc., it will give you specific results. For example, type “inurl:dbconn filetype:inc site:.com” in the Google search bar.

This finds files of type .inc on sites ending in .com, restricted to documents whose URL contains dbconn. Google then shows you dbconn.inc files, which could hold account information for the database manager or the database.

2. Whois Lookup: Whois databases are maintained by the Regional Internet Registries and hold information about domains. You can check a domain's name servers or other details via a whois lookup, either on a whois lookup website (https://whois.icann.org/en, https://www.whois.net/default.aspx) or with tools like LanWhois, Tamos SmartWhois, etc.

3. DNS Information: By using Domain Dossier or DNS lookup, you can easily find DNS information about targets, which tells you the location and type of the target's server.

To prepare for ethical hacking, footprinting and reconnaissance, you need to know how to get information about the target. By working through this methodology, you can see whether a company's websites expose sensitive information and manage which website details are made public, for example through robots.txt.

ㅁSearch engine caches and internet archives, like Google or archive
ㅁBrowse the current website.
Besides caches or archives of the website, you can also get a lot of information by browsing the current website. By using Burp Suite, Zaproxy, Paros Proxy, Website Informer, Firebug, etc., you can view the website's response headers, which show the connection status, content-type, accept-ranges, and the web server in use and its version.
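A site owner can check the same headers on their own server to see what it discloses. The following is an added example, not part of the original post: it parses a constructed response head and flags values that name the server software and version. The function names and the sample response are assumptions made for illustration.

```python
import re

# Constructed sample response head, not captured from a real server.
SAMPLE_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Server: Apache/2.4.41 (Ubuntu)\r\n"
    "X-Powered-By: PHP/7.4.3\r\n"
    "Accept-Ranges: bytes\r\n"
    "Content-Type: text/html; charset=UTF-8\r\n"
    "Connection: keep-alive\r\n"
    "\r\n"
)

# Headers that exist only to name the software stack.
STACK_HEADERS = {"x-powered-by", "x-aspnet-version", "x-aspnetmvc-version", "x-generator"}
# A product/version token such as "Apache/2.4.41".
VERSION_TOKEN = re.compile(r"\b([A-Za-z][\w.+-]*)/(\d+(?:\.\d+)*)")


def parse_headers(raw):
    """Split a raw response head into (status_line, [(name, value), ...])."""
    lines = raw.split("\r\n\r\n", 1)[0].split("\r\n")
    headers = []
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers.append((name.strip(), value.strip()))
    return lines[0], headers


def audit_headers(raw):
    """Return (header, finding) pairs for values that disclose the stack."""
    findings = []
    for name, value in parse_headers(raw)[1]:
        versions = ["/".join(m) for m in VERSION_TOKEN.findall(value)]
        if name.lower() == "server" and versions:
            findings.append((name, "version disclosed: " + ", ".join(versions)))
        elif name.lower() in STACK_HEADERS:
            findings.append((name, "stack header present: " + value))
    return findings


if __name__ == "__main__":
    for header, finding in audit_headers(SAMPLE_RESPONSE):
        print(f"{header}: {finding}")
```

A response whose Server header carries only a product name, and which sends no X-Powered-By, produces no findings.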

You can also use a couple of other tools to get website information such as employee names, email addresses, etc. by setting up automated searches in GSA Email Spider and Web Data Extractor.

ㅁPublic and restricted websites, by trial and error or using a service like Netcraft
You can find general information by checking the target's websites. On a website, you can view the source code by right-clicking or pressing the [F12] key, and easily get information like programmers' comments, contact details and script type.
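The same inspection can be run by a site owner over their own pages before publishing. The following is an added example, not part of the original post: it reports the comments, contact addresses, script types and generator tags that anyone using View Source would see. The sample page, the `ExampleCMS` name and the function names are constructed for illustration.

```python
import re
from html.parser import HTMLParser

# Constructed sample page, not taken from any real site.
SAMPLE_HTML = """<html><head>
<meta name="generator" content="ExampleCMS 1.2">
<script type="text/javascript" src="/js/app.js"></script>
</head><body>
<!-- TODO(jkim): remove test login before launch -->
<p>Questions? Mail <a href="mailto:webmaster@example.com">the webmaster</a>.</p>
<!-- nav -->
</body></html>"""

EMAIL = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")


class SourceAudit(HTMLParser):
    """Collect what a visitor learns from the page source."""

    def __init__(self):
        super().__init__()
        self.comments, self.emails, self.scripts, self.generators = [], set(), [], []

    def handle_comment(self, data):
        if data.strip():
            self.comments.append(data.strip())
        self.emails.update(EMAIL.findall(data))

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "script":
            self.scripts.append((a.get("type") or "default", a.get("src") or "inline"))
        elif tag == "meta" and (a.get("name") or "").lower() == "generator":
            self.generators.append(a.get("content") or "")
        for value in a.values():  # addresses inside mailto: links and other attributes
            if value:
                self.emails.update(EMAIL.findall(value))

    def handle_data(self, data):
        self.emails.update(EMAIL.findall(data))


def audit_source(html):
    """Return the comments, emails, scripts and generator tags found in html."""
    parser = SourceAudit()
    parser.feed(html)
    parser.close()
    return {"comments": parser.comments, "emails": sorted(parser.emails),
            "scripts": parser.scripts, "generators": parser.generators}
```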

ㅁMirroring an entire website
Mirroring a website means copying all the source code and resources from the target's web server and downloading them into your local directory. Once you have the mirrored site, you can easily analyze the website without sending actual or malicious (repetitive) requests to the actual target server. Tools: HTTrack Web Site Copier, SurfOffline.

Hacking other networks or systems is illegal and considered a crime. I am not responsible for what you do with this information. This blog is for educational purposes only.
